New translation batch for cn (#25342)

* Add crowdin translations * Run script/i18n/homogenize-frontmatter.js * Run script/i18n/lint-translation-files.js --check parsing * Run script/i18n/lint-translation-files.js --check rendering * run script/i18n/reset-files-with-broken-liquid-tags.js --language=cn * run script/i18n/reset-known-broken-translation-files.js * Check in cn CSV report Co-authored-by: Grace Park <gracepark@github.com>
2026-01-05 03:06:35 -05:00 · 2022-02-15 12:31:42 -08:00
parent 36c1db2164
commit c8b0d0e4ae
55 changed files with 352 additions and 159 deletions
--- a/translations/log/cn-resets.csv
+++ b/translations/log/cn-resets.csv
@@ -75,7 +75,7 @@ translations/zh-CN/content/code-security/code-scanning/automatically-scanning-yo
 translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-the-codeql-workflow-for-compiled-languages.md,broken liquid tags
 translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/index.md,broken liquid tags
 translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/managing-code-scanning-alerts-for-your-repository.md,broken liquid tags
-translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/setting-up-code-scanning-for-a-repository.md,parsing error
+translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/setting-up-code-scanning-for-a-repository.md,broken liquid tags
 translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/troubleshooting-the-codeql-workflow.md,Listed in localization-support#489
 translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/viewing-code-scanning-logs.md,broken liquid tags
 translations/zh-CN/content/code-security/code-scanning/integrating-with-code-scanning/about-integration-with-code-scanning.md,broken liquid tags
--- a/translations/zh-CN/content/actions/automating-builds-and-tests/building-and-testing-ruby.md
+++ b/translations/zh-CN/content/actions/automating-builds-and-tests/building-and-testing-ruby.md
@@ -54,9 +54,9 @@ jobs:
    steps:
      - uses: actions/checkout@v2
      - name: Set up Ruby
-        uses: ruby/setup-ruby@477b21f02be01bcb8030d50f37cfec92bfa615b6
+        uses: ruby/setup-ruby@359bebbc29cbe6c87da6bc9ea3bc930432750108
        with:
-          ruby-version: 2.6
+          ruby-version: '3.1'
      - name: Install dependencies
        run: bundle install
      - name: Run tests
@@ -65,7 +65,7 @@ jobs:

 ## 指定 Ruby 版本

-指定 Ruby 版本的最简单方法是使用 Ruby 组织在 GitHub 上提供的 `ruby/setup-ruby` 操作。 该操作将任何受支持的 Ruby 版本添加到工作流程中运行的每个作业的 `PATH`。 更多信息请参阅 [`ruby/setup-ruby`](https://github.com/ruby/setup-ruby)。
+指定 Ruby 版本的最简单方法是使用 Ruby 组织在 GitHub 上提供的 `ruby/setup-ruby` 操作。 该操作将任何受支持的 Ruby 版本添加到工作流程中运行的每个作业的 `PATH`。 For more information and available Ruby versions, see [`ruby/setup-ruby`](https://github.com/ruby/setup-ruby).

 使用 Ruby 的 `ruby/setup-ruby` 操作是 Python 与 GitHub Actions 结合使用时的推荐方式，因为它能确保不同运行器和不同版本的 Ruby 行为一致。

@@ -75,9 +75,9 @@ jobs:
 ```yaml
 steps:
 - uses: actions/checkout@v2
- uses: ruby/setup-ruby@477b21f02be01bcb8030d50f37cfec92bfa615b6
+- uses: ruby/setup-ruby@359bebbc29cbe6c87da6bc9ea3bc930432750108
  with:
-    ruby-version: 2.6 # Not needed with a .ruby-version file
+    ruby-version: '3.1' # Not needed with a .ruby-version file
 - run: bundle install
 - run: bundle exec rake
 ```
@@ -87,13 +87,13 @@ steps:

 ## 使用多个版本的 Ruby 进行测试

-您可以添加矩阵策略，以在多个版本的 Ruby 上运行工作流程。 例如，您可以根据版本 2.7、2.6 和 2.5 的最新修补程序版本测试代码。 "x" 是一个通配符，与版本的最新修补程序版本匹配。
+您可以添加矩阵策略，以在多个版本的 Ruby 上运行工作流程。 For example, you can test your code against the latest patch releases of versions 3.1, 3.0, and 2.7.

 {% raw %}
 ```yaml
 strategy:
  matrix:
-    ruby-version: [2.7.x, 2.6.x, 2.5.x]
+    ruby-version: ['3.1', '3.0', '2.7']
 ```
 {% endraw %}

@@ -119,12 +119,12 @@ jobs:

    strategy:
      matrix:
-        ruby-version: [2.7.x, 2.6.x, 2.5.x]
+        ruby-version: ['3.1', '3.0', '2.7']

    steps:
      - uses: actions/checkout@v2
      - name: {% raw %}Set up Ruby ${{ matrix.ruby-version }}{% endraw %}
-        uses: ruby/setup-ruby@477b21f02be01bcb8030d50f37cfec92bfa615b6
+        uses: ruby/setup-ruby@359bebbc29cbe6c87da6bc9ea3bc930432750108
        with:
          ruby-version: {% raw %}${{ matrix.ruby-version }}{% endraw %}
      - name: Install dependencies
@@ -141,9 +141,9 @@ jobs:
 ```yaml
 steps:
 - uses: actions/checkout@v2
- uses: ruby/setup-ruby@477b21f02be01bcb8030d50f37cfec92bfa615b6
+- uses: ruby/setup-ruby@359bebbc29cbe6c87da6bc9ea3bc930432750108
  with:
-    ruby-version: 2.6
+    ruby-version: '3.1'
 - run: bundle install
 ```
 {% endraw %}
@@ -157,7 +157,7 @@ steps:
 {% raw %}
 ```yaml
 steps:
- uses: ruby/setup-ruby@477b21f02be01bcb8030d50f37cfec92bfa615b6
+- uses: ruby/setup-ruby@359bebbc29cbe6c87da6bc9ea3bc930432750108
    with:
      bundler-cache: true
 ```
--- a/translations/zh-CN/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-google-kubernetes-engine.md
+++ b/translations/zh-CN/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-google-kubernetes-engine.md
@@ -90,8 +90,12 @@ $ gcloud services enable \
  ```
  $ gcloud projects add-iam-policy-binding $GKE_PROJECT \
    --member=serviceAccount:$SA_EMAIL \
-    --role=roles/container.admin \
-    --role=roles/storage.admin \
+    --role=roles/container.admin
+  $ gcloud projects add-iam-policy-binding $GKE_PROJECT \
+    --member=serviceAccount:$SA_EMAIL \
+    --role=roles/storage.admin
+  $ gcloud projects add-iam-policy-binding $GKE_PROJECT \
+    --member=serviceAccount:$SA_EMAIL \
    --role=roles/container.clusterViewer
  ```
  {% endraw %}
--- a/translations/zh-CN/content/actions/learn-github-actions/contexts.md
+++ b/translations/zh-CN/content/actions/learn-github-actions/contexts.md
@@ -73,7 +73,7 @@ As part of an expression, you can access context information using one of two sy
 | <code>concurrency</code>  | <code>github, inputs</code>  |                            |
 | <code>env</code>  | <code>github, secrets, inputs</code>  |                            |
 | <code>jobs.&lt;job_id&gt;.concurrency</code>  | <code>github, needs, strategy, matrix, inputs</code>  |                            |
-| <code>jobs.&lt;job_id&gt;.container</code>  | <code>github, needs, strategy, matrix, inputs</code>  |                            |
+| <code>jobs.&lt;job_id&gt;.container</code>  | <code>github, needs, strategy, matrix, secrets, inputs</code>  |                            |
 | <code>jobs.&lt;job_id&gt;.container.credentials</code>  | <code>github, needs, strategy, matrix, env, secrets, inputs</code>  |                            |
 | <code>jobs.&lt;job_id&gt;.container.env.&lt;env_id&gt;</code> | <code>github, needs, strategy, matrix, job, runner, env, secrets, inputs</code> |                            |
 | <code>jobs.&lt;job_id&gt;.continue-on-error</code> | <code>github, needs, strategy, matrix, inputs</code> |                            |
--- a/translations/zh-CN/content/actions/using-workflows/workflow-commands-for-github-actions.md
+++ b/translations/zh-CN/content/actions/using-workflows/workflow-commands-for-github-actions.md
@@ -314,7 +314,9 @@ console.log("The running PID from the main action is: " +  process.env.STATE_pro

 {% warning %}

-**Warning:** On Windows, legacy PowerShell (`shell: powershell`) does not use UTF-8 by default. 请确保使用正确的编码写入文件。 例如，在设置路径时需要设置 UTF-8 编码：
+**Warning:** On Windows, legacy PowerShell (`shell: powershell`) does not use UTF-8 by default.
+
+When using `shell: powershell`, you must specify UTF-8 encoding. 例如：

 ```yaml
 jobs:
@@ -325,22 +327,7 @@ jobs:
        run: echo "mypath" | Out-File -FilePath $env:GITHUB_PATH -Encoding utf8 -Append
 ```

-Or switch to PowerShell Core, which defaults to UTF-8:
-
-```yaml
-jobs:
-  modern-pwsh-example:
-    uses: windows-2019
-    steps:
-      - shell: pwsh
-        run: echo "mypath" | Out-File -FilePath $env:GITHUB_PATH -Append # no need for -Encoding utf8
-```
-
-More detail about UTF-8 and PowerShell Core found on this great [Stack Overflow answer](https://stackoverflow.com/a/40098904/162694):
-
-> ### Optional reading: The cross-platform perspective: PowerShell _Core_:
-> 
-> [PowerShell is now cross-platform](https://blogs.msdn.microsoft.com/powershell/2016/08/18/powershell-on-linux-and-open-source-2/), via its **[PowerShell _Core_](https://github.com/PowerShell/PowerShell)** edition, whose encoding - sensibly - ***defaults to ***BOM-less UTF-8******, in line with Unix-like platforms.
+Alternatively, you can use PowerShell Core (`shell: pwsh`), which defaults to UTF-8.

 {% endwarning %}

--- a/translations/zh-CN/content/actions/using-workflows/workflow-syntax-for-github-actions.md
+++ b/translations/zh-CN/content/actions/using-workflows/workflow-syntax-for-github-actions.md
@@ -757,6 +757,8 @@ strategy:

 ## `jobs.<job_id>.container`

+{% data reusables.github-actions.docker-container-os-support %}
+
 {% data reusables.actions.jobs.section-running-jobs-in-a-container %}

 ### `jobs.<job_id>.container.image`
--- a/translations/zh-CN/content/admin/advanced-security/configuring-code-scanning-for-your-appliance.md
+++ b/translations/zh-CN/content/admin/advanced-security/configuring-code-scanning-for-your-appliance.md
@@ -70,7 +70,22 @@ If you set up the {% data variables.product.prodname_codeql %} action sync tool,
 3. The next step is to configure access to actions on {% data variables.product.prodname_dotcom_the_website %} using {% data variables.product.prodname_github_connect %}. For more information, see "[Enabling automatic access to {% data variables.product.prodname_dotcom_the_website %} actions using {% data variables.product.prodname_github_connect %}](/enterprise/admin/github-actions/enabling-automatic-access-to-githubcom-actions-using-github-connect)."
 4. Add a self-hosted runner to your repository, organization, or enterprise account. For more information, see "[Adding self-hosted runners](/actions/hosting-your-own-runners/adding-self-hosted-runners)."

+
+## Running code scanning using the {% data variables.product.prodname_codeql_cli %}
+
+If you don't want to use {% data variables.product.prodname_actions %}, you should run {% data variables.product.prodname_code_scanning %} using the {% data variables.product.prodname_codeql_cli %}. 
+
+The {% data variables.product.prodname_codeql_cli %} is a command-line tool that you use to analyze codebases on any machine, including a third-party CI/CD system. For more information, see "[Installing CodeQL CLI in your CI system](/code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/installing-codeql-cli-in-your-ci-system)."
+
+
+{% if codeql-runner-supported %}
+
 ## Running {% data variables.product.prodname_code_scanning %} using the {% data variables.product.prodname_codeql_runner %}
+
+{% data reusables.code-scanning.deprecation-codeql-runner %}
+
 If you don't want to use {% data variables.product.prodname_actions %}, you can run {% data variables.product.prodname_code_scanning %} using the {% data variables.product.prodname_codeql_runner %}. 

 The {% data variables.product.prodname_codeql_runner %} is a command-line tool that you can add to your third-party CI/CD system. The tool runs {% data variables.product.prodname_codeql %} analysis on a checkout of a {% data variables.product.prodname_dotcom %} repository. For more information, see "[Running {% data variables.product.prodname_code_scanning %} in your CI system](/github/finding-security-vulnerabilities-and-errors-in-your-code/running-codeql-code-scanning-in-your-ci-system)."
+
+{% endif %}
--- a/translations/zh-CN/content/admin/configuration/configuring-your-enterprise/command-line-utilities.md
+++ b/translations/zh-CN/content/admin/configuration/configuring-your-enterprise/command-line-utilities.md
@@ -458,6 +458,16 @@ You can use these additional options with the utility:
 ghe-ssl-ca-certificate-install -c <em>/path/to/certificate</em>
 ```

+### ghe-ssl-certificate-setup
+
+This utility allows you to update an SSL certificate for {% data variables.product.product_location %}. 
+
+For more information about this command or for additional options, use the `-h` flag.
+
+```shell
+ghe-ssl-certificate-setup
+```
+
 ### ghe-ssl-generate-csr

 This utility allows you to generate a private key and certificate signing request (CSR), which you can share with a commercial or private certificate authority to get a valid certificate to use with your instance. For more information, see "[Configuring TLS](/enterprise/{{ currentVersion }}/admin/guides/installation/configuring-tls)."
--- a/translations/zh-CN/content/admin/configuration/configuring-your-enterprise/troubleshooting-ssl-errors.md
+++ b/translations/zh-CN/content/admin/configuration/configuring-your-enterprise/troubleshooting-ssl-errors.md
@@ -80,3 +80,7 @@ $ cat yourdomain.com.crt bundle-certificates.crt > yourdomain.combined.crt
  ```shell
  $ ghe-ssl-ca-certificate-install -c rootCA.crt
  ```
+
+## Updating an SSL certificate
+
+You can generate a new self-signed certificate or update an existing SSL certificate for {% data variables.product.product_location %} with the `ghe-ssl-certificate-setup` command line utility. 更多信息请参阅“[命令行实用程序](/admin/configuration/configuring-your-enterprise/command-line-utilities#ghe-ssl-ca-certificate-setup)”。
--- a/translations/zh-CN/content/admin/github-actions/managing-access-to-actions-from-githubcom/about-using-actions-in-your-enterprise.md
+++ b/translations/zh-CN/content/admin/github-actions/managing-access-to-actions-from-githubcom/about-using-actions-in-your-enterprise.md
@@ -19,6 +19,8 @@ shortTitle: Add actions in your enterprise
 {% data reusables.actions.enterprise-beta %}
 {% data reusables.actions.enterprise-github-hosted-runners %}

+## About actions on {% data variables.product.product_name %}
+
 {% data variables.product.prodname_actions %} workflows can use _actions_, which are individual tasks that you can combine to create jobs and customize your workflow. You can create your own actions, or use and customize actions shared by the {% data variables.product.prodname_dotcom %} community.

 {% data reusables.actions.enterprise-no-internet-actions %}
@@ -39,8 +41,14 @@ Each action is a repository in the `actions` organization, and each action repos

 ## Configuring access to actions on {% data variables.product.prodname_dotcom_the_website %}

+{% ifversion ghes %}
+Before you can configure access to actions on {% data variables.product.prodname_dotcom_the_website %}, you must configure {% data variables.product.product_location %} to use {% data variables.product.prodname_actions %}. For more information, see "[Getting started with {% data variables.product.prodname_actions %} for GitHub Enterprise Server](/admin/github-actions/enabling-github-actions-for-github-enterprise-server/getting-started-with-github-actions-for-github-enterprise-server)."
+{% endif %}
+
 {% data reusables.actions.access-actions-on-dotcom %}

-The recommended approach is to enable automatic access to all actions from {% data variables.product.prodname_dotcom_the_website %}. You can do this by using {% data variables.product.prodname_github_connect %} to integrate {% data variables.product.product_name %} with {% data variables.product.prodname_ghe_cloud %}. For more information, see "[Enabling automatic access to {% data variables.product.prodname_dotcom_the_website %} actions using {% data variables.product.prodname_github_connect %}](/enterprise/admin/github-actions/enabling-automatic-access-to-githubcom-actions-using-github-connect)". {% data reusables.actions.enterprise-limit-actions-use %}
+The recommended approach is to enable automatic access to all actions from {% data variables.product.prodname_dotcom_the_website %}. You can do this by using {% data variables.product.prodname_github_connect %} to integrate {% data variables.product.product_name %} with {% data variables.product.prodname_ghe_cloud %}. For more information, see "[Enabling automatic access to {% data variables.product.prodname_dotcom_the_website %} actions using {% data variables.product.prodname_github_connect %}](/enterprise/admin/github-actions/enabling-automatic-access-to-githubcom-actions-using-github-connect)". 
+
+{% data reusables.actions.enterprise-limit-actions-use %}

 Alternatively, if you want stricter control over which actions are allowed in your enterprise, you can manually download and sync actions onto your enterprise instance using the `actions-sync` tool. For more information, see "[Manually syncing actions from {% data variables.product.prodname_dotcom_the_website %}](/enterprise/admin/github-actions/manually-syncing-actions-from-githubcom)."
--- a/translations/zh-CN/content/admin/github-actions/managing-access-to-actions-from-githubcom/enabling-automatic-access-to-githubcom-actions-using-github-connect.md
+++ b/translations/zh-CN/content/admin/github-actions/managing-access-to-actions-from-githubcom/enabling-automatic-access-to-githubcom-actions-using-github-connect.md
@@ -29,9 +29,11 @@ To use actions from {% data variables.product.prodname_dotcom_the_website %}, yo

 ## Enabling automatic access to all {% data variables.product.prodname_dotcom_the_website %} actions

-{% data reusables.actions.enterprise-github-connect-warning %}
+Before enabling access to all actions from {% data variables.product.prodname_dotcom_the_website %} for your enterprise, you must{% ifversion ghes %}:
+- Configure {% data variables.product.product_location %} to use {% data variables.product.prodname_actions %}. For more information, see "[Getting started with {% data variables.product.prodname_actions %} for GitHub Enterprise Server](/admin/github-actions/enabling-github-actions-for-github-enterprise-server/getting-started-with-github-actions-for-github-enterprise-server)."
+- Enable{% else %} enable{% endif %} {% data variables.product.prodname_github_connect %}. For more information, see "[Managing {% data variables.product.prodname_github_connect %}](/admin/configuration/configuring-github-connect/managing-github-connect)."

-Before enabling access to all actions from {% data variables.product.prodname_dotcom_the_website %} on your enterprise instance, you must connect your enterprise to {% data variables.product.prodname_dotcom_the_website %}. For more information, see "[Connecting your enterprise to {% data variables.product.prodname_ghe_cloud %}](/admin/configuration/managing-connections-between-your-enterprise-accounts/connecting-your-enterprise-account-to-github-enterprise-cloud)."
+{% data reusables.actions.enterprise-github-connect-warning %}

 {% data reusables.enterprise-accounts.access-enterprise %}
 {%- ifversion ghes < 3.1 %}
--- a/translations/zh-CN/content/admin/identity-and-access-management/managing-iam-for-your-enterprise/configuring-saml-single-sign-on-for-your-enterprise.md
+++ b/translations/zh-CN/content/admin/identity-and-access-management/managing-iam-for-your-enterprise/configuring-saml-single-sign-on-for-your-enterprise.md
@@ -33,6 +33,10 @@ redirect_from:

 {% data reusables.saml.about-saml-access-enterprise-account %} For more information, see "[Viewing and managing a user's SAML access to your enterprise account](/admin/user-management/managing-users-in-your-enterprise/viewing-and-managing-a-users-saml-access-to-your-enterprise)."

+{% data reusables.saml.cannot-update-existing-saml-settings %}
+
+{% data reusables.saml.saml-disabled-linked-identities-removed %}
+
 {% data reusables.scim.enterprise-account-scim %}

 {% elsif ghae %}
--- a/translations/zh-CN/content/admin/identity-and-access-management/managing-iam-with-enterprise-managed-users/configuring-saml-single-sign-on-for-enterprise-managed-users.md
+++ b/translations/zh-CN/content/admin/identity-and-access-management/managing-iam-with-enterprise-managed-users/configuring-saml-single-sign-on-for-enterprise-managed-users.md
@@ -25,6 +25,8 @@ With {% data variables.product.prodname_emus %}, your enterprise uses SAML SSO t

 After you configure SAML SSO, we recommend storing your recovery codes so you can recover access to your enterprise in the event that your identity provider is unavailable. For more information, see "[Saving your recovery codes](#saving-your-recovery-codes)."

+{% data reusables.saml.cannot-update-existing-saml-settings %}
+
 ## Configuring SAML single sign-on for {% data variables.product.prodname_emus %}

 To configure SAML SSO for your {% data variables.product.prodname_emu_enterprise %}, you must configure an application on your IdP and then configure your enterprise on GitHub.com. After you configure SAML SSO, you can configure user provisioning.
--- a/translations/zh-CN/content/admin/user-management/migrating-data-to-and-from-your-enterprise/exporting-migration-data-from-your-enterprise.md
+++ b/translations/zh-CN/content/admin/user-management/migrating-data-to-and-from-your-enterprise/exporting-migration-data-from-your-enterprise.md
@@ -98,7 +98,7 @@ shortTitle: Export from your enterprise
  > logout
  > Connection to <em>hostname</em> closed.
  ```
-9. Copy the migration archive to your computer using the [`scp`](https://linuxacademy.com/blog/linux/ssh-and-scp-howto-tips-tricks#scp) command. The archive file will be named with the Migration GUID:
+9. Copy the migration archive to your computer using the [`scp`](https://acloudguru.com/blog/engineering/ssh-and-scp-howto-tips-tricks#scp) command. The archive file will be named with the Migration GUID:
  ```shell
  $ scp -P 122 admin@<em>hostname</em>:/data/github/current/tmp/<em>MIGRATION_GUID</em>.tar.gz ~/Desktop
  ```
--- a/translations/zh-CN/content/admin/user-management/migrating-data-to-and-from-your-enterprise/preparing-to-migrate-data-to-your-enterprise.md
+++ b/translations/zh-CN/content/admin/user-management/migrating-data-to-and-from-your-enterprise/preparing-to-migrate-data-to-your-enterprise.md
@@ -20,7 +20,7 @@ shortTitle: 准备迁移数据

 ## 准备迁移的数据以导入到 {% data variables.product.prodname_ghe_server %}

-1. 使用 [`scp`](https://linuxacademy.com/blog/linux/ssh-and-scp-howto-tips-tricks#scp) 命令将从源实例或组织生成的迁移存档复制到 {% data variables.product.prodname_ghe_server %} 目标：
+1. 使用 [`scp`](https://acloudguru.com/blog/engineering/ssh-and-scp-howto-tips-tricks#scp) 命令将从源实例或组织生成的迁移存档复制到 {% data variables.product.prodname_ghe_server %} 目标：

    ```shell
    $ scp -P 122 <em>/path/to/archive/MIGRATION_GUID.tar.gz</em> admin@<em>hostname</em>:/home/admin/
@@ -44,7 +44,7 @@ shortTitle: 准备迁移数据
    $ ghe-migrator conflicts -g <em>MIGRATION_GUID</em> > conflicts.csv
    ```
    - 如果未报告冲突，您可以按照“[将数据迁移到企业](/enterprise/admin/guides/migrations/applying-the-imported-data-on-github-enterprise-server/)”中的步骤操作，安全地导入数据。
-2. 如果存在冲突，请使用 [`scp`](https://linuxacademy.com/blog/linux/ssh-and-scp-howto-tips-tricks#scp) 命令将 *conflicts.csv* 复制到您的本地计算机：
+2. 如果存在冲突，请使用 [`scp`](https://acloudguru.com/blog/engineering/ssh-and-scp-howto-tips-tricks#scp) 命令将 *conflicts.csv* 复制到您的本地计算机：
  ```shell
  $ scp -P 122 admin@<em>hostname</em>:conflicts.csv ~/Desktop
  ```
@@ -134,7 +134,7 @@ $ ghe-migrator audit -m user -g <em>MIGRATION_GUID</em> > users.csv

 ### 应用修改的迁移数据

-1. 进行更改后，请使用 [`scp`](https://linuxacademy.com/blog/linux/ssh-and-scp-howto-tips-tricks#scp) 命令将修改后的 *conflicts.csv*（或格式正确的任何其他映射 *.csv* 文件）应用到目标实例：
+1. 进行更改后，请使用 [`scp`](https://acloudguru.com/blog/engineering/ssh-and-scp-howto-tips-tricks#scp) 命令将修改后的 *conflicts.csv*（或格式正确的任何其他映射 *.csv* 文件）应用到目标实例：

    ```shell
    $ scp -P 122 ~/Desktop/conflicts.csv admin@<em>hostname</em>:/home/admin/
--- a/translations/zh-CN/content/authentication/authenticating-with-saml-single-sign-on/authorizing-a-personal-access-token-for-use-with-saml-single-sign-on.md
+++ b/translations/zh-CN/content/authentication/authenticating-with-saml-single-sign-on/authorizing-a-personal-access-token-for-use-with-saml-single-sign-on.md
@@ -20,9 +20,8 @@ shortTitle: 使用 SAML 的 PAT
 {% data reusables.user_settings.access_settings %}
 {% data reusables.user_settings.developer_settings %}
 {% data reusables.user_settings.personal_access_tokens %}
-3. 在要授权的令牌旁边，单击 **Enable SSO（启用 SSO）**或 **Disable SSO（禁用 SSO）**。 ![SSO 令牌授权按钮](/assets/images/help/settings/sso-allowlist-button.png)
-4. 找到要为其授权访问令牌的组织。
-4. 单击 **Authorize（授权）**。 ![令牌授权按钮](/assets/images/help/settings/token-authorize-button.png)
+3. Next to the token you'd like to authorize, click **Configure SSO**. ![Screenshot of the dropdown menu to configure SSO for a personal access token](/assets/images/help/settings/sso-allowlist-button.png)
+4. To the right of the organization you'd like to authorize the token for, click **Authorize**. ![令牌授权按钮](/assets/images/help/settings/token-authorize-button.png)

 ## 延伸阅读

--- a/translations/zh-CN/content/authentication/keeping-your-account-and-data-secure/about-githubs-ip-addresses.md
+++ b/translations/zh-CN/content/authentication/keeping-your-account-and-data-secure/about-githubs-ip-addresses.md
@@ -29,7 +29,7 @@ shortTitle: GitHub 的 IP 地址

 These IP addresses are used by {% data variables.product.prodname_dotcom %} to serve our content, deliver webhooks, and perform hosted {% data variables.product.prodname_actions %} builds.

-这些范围在 [CIDR 表示法](https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing#CIDR_notation)中。 您可以使用在线转换工具（例如s这个  [CIDR / VLSM Supernet Calculator](http://www.subnet-calculator.com/cidr.php)）将 CIDR 表示法转换为 IP 地址范围。
+这些范围在 [CIDR 表示法](https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing#CIDR_notation)中。 You can use an online conversion tool to convert from CIDR notation to IP address ranges, for example: [CIDR to IPv4 conversion site](https://www.ipaddressguide.com/cidr).

 我们会不时更改我们的 IP 地址。 不建议按 IP 地址来创建允许名单，但如果您使用这些 IP 范围，强烈建议经常监控我们的 API。

--- a/translations/zh-CN/content/billing/managing-billing-for-github-codespaces/managing-spending-limits-for-codespaces.md
+++ b/translations/zh-CN/content/billing/managing-billing-for-github-codespaces/managing-spending-limits-for-codespaces.md
@@ -54,10 +54,12 @@ If you purchased {% data variables.product.prodname_enterprise %} through a Micr
 {% data reusables.codespaces.exporting-changes %}
 ## 管理使用和支出限制电子邮件通知

-Email notifications are sent to account owners and billing managers when spending reaches 50%, 75%, and 90% of your account's spending limit.
+Email notifications are sent to account owners and billing managers when spending reaches 50%, 75%, 90%, and 100% of your account's spending limit.

 You can disable these notifications anytime by navigating to the bottom of the **Spending Limit** page.

+![Screenshot of the billing email notification settings](/assets/images/help/billing/codespaces-spending-limit-notifications.png)
+
 ## 延伸阅读

 - "[Restricting access to machine types](/codespaces/managing-codespaces-for-your-organization/restricting-access-to-machine-types)"
--- a/translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning.md
+++ b/translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning.md
@@ -29,14 +29,17 @@ shortTitle: Configure code scanning
 {% data reusables.code-scanning.beta %}
 {% data reusables.code-scanning.enterprise-enable-code-scanning-actions %}

+{% ifversion ghes or ghae %}
+{% note %}
+
+**Note:** This article describes the features available with the version of the CodeQL action and associated CodeQL CLI bundle included in the initial release of this version of {% data variables.product.product_name %}. If your enterprise uses a more recent version of the CodeQL action, see the [{% data variables.product.prodname_ghe_cloud %} article](/enterprise-cloud@latest/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning) for information on the latest features. {% ifversion not ghae %} For information on using the latest version, see "[Configuring code scanning for your appliance](/admin/advanced-security/configuring-code-scanning-for-your-appliance#configuring-codeql-analysis-on-a-server-without-internet-access)."{% endif %}
+
+{% endnote %}
+{% endif %}
+
 ## About {% data variables.product.prodname_code_scanning %} configuration

-You can run {% data variables.product.prodname_code_scanning %} on {% data variables.product.product_name %}, using {% data variables.product.prodname_actions %}, or from your continuous integration (CI) system. For more information, see "[About {% data variables.product.prodname_actions %}](/actions/getting-started-with-github-actions/about-github-actions)" or 
-{%- ifversion fpt or ghes > 3.0 or ghae %}
-"[About {% data variables.product.prodname_codeql %} {% data variables.product.prodname_code_scanning %} in your CI system](/code-security/secure-coding/about-codeql-code-scanning-in-your-ci-system)."
-{%- else %}
-"[Running {% data variables.product.prodname_codeql_runner %} in your CI system](/code-security/secure-coding/running-codeql-runner-in-your-ci-system)."
-{% endif %}
+You can run {% data variables.product.prodname_code_scanning %} on {% data variables.product.product_name %}, using {% data variables.product.prodname_actions %}, or from your continuous integration (CI) system. For more information, see "[About {% data variables.product.prodname_actions %}](/actions/getting-started-with-github-actions/about-github-actions)" or "[About {% data variables.product.prodname_codeql %} {% data variables.product.prodname_code_scanning %} in your CI system](/code-security/secure-coding/about-codeql-code-scanning-in-your-ci-system)."

 This article is about running {% data variables.product.prodname_code_scanning %} on {% data variables.product.product_name %} using actions.

--- a/translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/running-codeql-code-scanning-in-a-container.md
+++ b/translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/running-codeql-code-scanning-in-a-container.md
@@ -25,17 +25,12 @@ topics:


 {% data reusables.code-scanning.beta %}
-{% data reusables.code-scanning.deprecation-codeql-runner %}

 ## 关于使用容器化构建的 {% data variables.product.prodname_code_scanning %}

 如果为编译语言设置 {% data variables.product.prodname_code_scanning %}，并且在容器化环境中构建代码，则分析可能会失败，并返回错误消息“No source code was seen during the build（在构建过程中没有看到源代码）”。 这表明 {% data variables.product.prodname_codeql %} 在代码编译过程中无法监视代码。

-{% ifversion fpt or ghes > 3.0 or ghae or ghec %}
-您必须在构建代码的容器中运行 {% data variables.product.prodname_codeql %}。 无论您使用的是 {% data variables.product.prodname_codeql_cli %}、{% data variables.product.prodname_codeql_runner %} 还是 {% data variables.product.prodname_actions %}，这都适用。 对于 {% data variables.product.prodname_codeql_cli %} 或 {% data variables.product.prodname_codeql_runner %}，请参阅“[在 CI 系统中安装 {% data variables.product.prodname_codeql_cli %}](/code-security/secure-coding/using-codeql-code-scanning-with-your-existing-ci-system/installing-codeql-cli-in-your-ci-system)”或“[在 CI 系统中运行 {% data variables.product.prodname_codeql_runner %}](/code-security/secure-coding/running-codeql-runner-in-your-ci-system)”以了解更多信息。 如果您使用 {% data variables.product.prodname_actions %}，请配置工作流程以在同一容器中运行所有操作。 更多信息请参阅“[示例工作流程](#example-workflow)”。
-{% else %}
-您必须在构建代码的容器中运行 {% data variables.product.prodname_codeql %}。 无论您使用的是 {% data variables.product.prodname_codeql_runner %} 还是 {% data variables.product.prodname_actions %}，这都适用。 对于 {% data variables.product.prodname_codeql_runner %}，请参阅“[在 CI 系统中运行 {% data variables.product.prodname_codeql_runner %}](/code-security/secure-coding/running-codeql-runner-in-your-ci-system)”以了解更多信息。 如果您使用 {% data variables.product.prodname_actions %}，请配置工作流程以在同一容器中运行所有操作。 更多信息请参阅“[示例工作流程](#example-workflow)”。
-{% endif %}
+您必须在构建代码的容器中运行 {% data variables.product.prodname_codeql %}。 This applies whether you are using the {% data variables.product.prodname_codeql_cli %}{% if codeql-runner-supported %}, the {% data variables.product.prodname_codeql_runner %},{% endif %} or {% data variables.product.prodname_actions %}. For the {% data variables.product.prodname_codeql_cli %} {% if codeql-runner-supported %}or the {% data variables.product.prodname_codeql_runner %}{% endif %}, see "[Installing {% data variables.product.prodname_codeql_cli %} in your CI system](/code-security/secure-coding/using-codeql-code-scanning-with-your-existing-ci-system/installing-codeql-cli-in-your-ci-system)"{% if codeql-runner-supported %} or "[Running {% data variables.product.prodname_codeql_runner %} in your CI system](/code-security/secure-coding/running-codeql-runner-in-your-ci-system)"{% endif %} for more information. 如果您使用 {% data variables.product.prodname_actions %}，请配置工作流程以在同一容器中运行所有操作。 更多信息请参阅“[示例工作流程](#example-workflow)”。

 ## 依赖项

@@ -47,6 +42,14 @@ topics:

 ## 示例工作流程

+{% ifversion ghes or ghae %}
+{% note %}
+
+**Note:** This article describes the features available with the version of the CodeQL action and associated CodeQL CLI bundle included in the initial release of this version of {% data variables.product.product_name %}. If your enterprise uses a more recent version of the CodeQL action, see the [{% data variables.product.prodname_ghe_cloud %} article](/enterprise-cloud@latest/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/running-codeql-code-scanning-in-a-container) for information on the latest features.{% ifversion not ghae %} For information on using the latest version, see "[Configuring code scanning for your appliance](/admin/advanced-security/configuring-code-scanning-for-your-appliance#configuring-codeql-analysis-on-a-server-without-internet-access)."{% endif %}
+
+{% endnote %}
+{% endif %}
+
 此示例工作流程在容器化环境中使用 {% data variables.product.prodname_actions %} 运行 {% data variables.product.prodname_codeql %} 分析。 `container.image` 的值标识要要使用的容器。 在此示例中，映像名称为 `codeql-container`，标记为 `f0f91db`。 更多信息请参阅“[{% data variables.product.prodname_actions %} 的工作流程语法](/actions/reference/workflow-syntax-for-github-actions#jobsjob_idcontainer)”。

 ``` yaml
--- a/translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/setting-up-code-scanning-for-a-repository.md
+++ b/translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/setting-up-code-scanning-for-a-repository.md
@@ -43,6 +43,14 @@ Enterprise owners, organization and repository administrators can add self-hoste

 ## Setting up {% data variables.product.prodname_code_scanning %} using actions

+{% ifversion ghes or ghae %}
+{% note %}
+
+**Note:** This article describes the features available with the version of the CodeQL action and associated CodeQL CLI bundle included in the initial release of this version of {% data variables.product.product_name %}. If your enterprise uses a more recent version of the CodeQL action, see the [{% data variables.product.prodname_ghe_cloud %} article](/enterprise-cloud@latest/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/setting-up-code-scanning-for-a-repository) for information on the latest features. {% ifversion not ghae %} For information on using the latest version, see "[Configuring code scanning for your appliance](/admin/advanced-security/configuring-code-scanning-for-your-appliance#configuring-codeql-analysis-on-a-server-without-internet-access)."{% endif %}
+
+{% endnote %}
+{% endif %}
+
 {% ifversion fpt or ghec %}Using actions to run {% data variables.product.prodname_code_scanning %} will use minutes. For more information, see "[About billing for {% data variables.product.prodname_actions %}](/billing/managing-billing-for-github-actions/about-billing-for-github-actions)."{% endif %}

 {% data reusables.repositories.navigate-to-repo %}
--- a/translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/troubleshooting-the-codeql-workflow.md
+++ b/translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/troubleshooting-the-codeql-workflow.md
@@ -31,6 +31,14 @@ topics:
 {% data reusables.code-scanning.beta %}
 {% data reusables.code-scanning.not-available %}

+{% ifversion ghes or ghae %}
+{% note %}
+
+**Note:** This article describes the features available with the version of the CodeQL action and associated CodeQL CLI bundle included in the initial release of this version of {% data variables.product.product_name %}. If your enterprise uses a more recent version of the CodeQL action, see the [{% data variables.product.prodname_ghe_cloud %} article](/enterprise-cloud@latest/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/troubleshooting-the-codeql-workflow) for information on the latest features. {% ifversion not ghae %} For information on using the latest version, see "[Configuring code scanning for your appliance](/admin/advanced-security/configuring-code-scanning-for-your-appliance#configuring-codeql-analysis-on-a-server-without-internet-access)."{% endif %}
+
+{% endnote %}
+{% endif %}
+
 ## Producing detailed logs for debugging

 To produce more detailed logging output, you can enable step debug logging. For more information, see "[Enabling debug logging](/actions/managing-workflow-runs/enabling-debug-logging#enabling-step-debug-logging)."
--- a/translations/zh-CN/content/code-security/code-scanning/integrating-with-code-scanning/sarif-support-for-code-scanning.md
+++ b/translations/zh-CN/content/code-security/code-scanning/integrating-with-code-scanning/sarif-support-for-code-scanning.md
@@ -24,7 +24,6 @@ topics:


 {% data reusables.code-scanning.beta %}
-{% data reusables.code-scanning.deprecation-codeql-runner %}

 ## About SARIF support

@@ -32,10 +31,7 @@ SARIF (Static Analysis Results Interchange Format) is an [OASIS Standard](https:

 To upload a SARIF file from a third-party static code analysis engine, you'll need to ensure that uploaded files use the SARIF 2.1.0 version. {% data variables.product.prodname_dotcom %} will parse the SARIF file and show alerts using the results in your repository as a part of the {% data variables.product.prodname_code_scanning %} experience. For more information, see "[Uploading a SARIF file to {% data variables.product.prodname_dotcom %}](/code-security/secure-coding/uploading-a-sarif-file-to-github)." For more information about the SARIF 2.1.0 JSON schema, see [`sarif-schema-2.1.0.json`](https://github.com/oasis-tcs/sarif-spec/blob/master/Documents/CommitteeSpecifications/2.1.0/sarif-schema-2.1.0.json).

-If you're using {% data variables.product.prodname_actions %} with the {% data variables.product.prodname_codeql_workflow %} or using the {% data variables.product.prodname_codeql_runner %}, then the {% data variables.product.prodname_code_scanning %} results will automatically use the supported subset of SARIF 2.1.0. For more information, see "[Setting up {% data variables.product.prodname_code_scanning %} for a repository](/code-security/secure-coding/setting-up-code-scanning-for-a-repository)" or "[Running {% data variables.product.prodname_codeql_runner %} in your CI system](/code-security/secure-coding/running-codeql-runner-in-your-ci-system)."
-
-{% ifversion fpt or ghes > 3.0 or ghae or ghec %}
-If you're using the {% data variables.product.prodname_codeql_cli %}, then you can specify the version of SARIF to use. For more information, see "[Configuring {% data variables.product.prodname_codeql_cli %} in your CI system](/code-security/secure-coding/using-codeql-code-scanning-with-your-existing-ci-system/configuring-codeql-cli-in-your-ci-system#analyzing-a-codeql-database)."{% endif %}
+If you're using {% data variables.product.prodname_actions %} with the {% data variables.product.prodname_codeql_workflow %}{% if codeql-runner-supported %}, using the {% data variables.product.prodname_codeql_runner %},{% endif %} or using the {% data variables.product.prodname_codeql_cli %}, then the {% data variables.product.prodname_code_scanning %} results will automatically use the supported subset of SARIF 2.1.0. For more information, see "[Setting up {% data variables.product.prodname_code_scanning %} for a repository](/code-security/secure-coding/setting-up-code-scanning-for-a-repository)"{% if codeql-runner-supported %}, "[Running {% data variables.product.prodname_codeql_runner %} in your CI system](/code-security/secure-coding/running-codeql-runner-in-your-ci-system)",{% endif %} or "[Installing CodeQL CLI in your CI system](/code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/installing-codeql-cli-in-your-ci-system)."

 {% ifversion fpt or ghes > 3.1 or ghae or ghec %}
 You can upload multiple SARIF files for the same commit, and display the data from each file as {% data variables.product.prodname_code_scanning %} results. When you upload multiple SARIF files for a commit, you must indicate a "category" for each analysis. The way to specify a category varies according to the analysis method:
@@ -57,7 +53,7 @@ Each time the results of a new code scan are uploaded, the results are processed

 {% data variables.product.prodname_dotcom %} uses the `partialFingerprints` property in the OASIS standard to detect when two results are logically identical. For more information, see the "[partialFingerprints property](https://docs.oasis-open.org/sarif/sarif/v2.1.0/cs01/sarif-v2.1.0-cs01.html#_Toc16012611)" entry in the OASIS documentation.

-SARIF files created by the {% data variables.product.prodname_codeql_workflow %} or using the {% data variables.product.prodname_codeql_runner %} include fingerprint data. If you upload a SARIF file using the `upload-sarif` action and this data is missing, {% data variables.product.prodname_dotcom %} attempts to populate the `partialFingerprints` field from the source files. For more information about uploading results, see "[Uploading a SARIF file to {% data variables.product.prodname_dotcom %}](/code-security/secure-coding/uploading-a-sarif-file-to-github#uploading-a-code-scanning-analysis-with-github-actions)."
+SARIF files created by the {% data variables.product.prodname_codeql_workflow %}, {% if codeql-runner-supported %}using the {% data variables.product.prodname_codeql_runner %}, {% endif %}or using the {% data variables.product.prodname_codeql_cli %} include fingerprint data. If you upload a SARIF file using the `upload-sarif` action and this data is missing, {% data variables.product.prodname_dotcom %} attempts to populate the `partialFingerprints` field from the source files. For more information about uploading results, see "[Uploading a SARIF file to {% data variables.product.prodname_dotcom %}](/code-security/secure-coding/uploading-a-sarif-file-to-github#uploading-a-code-scanning-analysis-with-github-actions)."

 If you upload a SARIF file without fingerprint data using the `/code-scanning/sarifs` API endpoint, the {% data variables.product.prodname_code_scanning %} alerts will be processed and displayed, but users may see duplicate alerts. To avoid seeing duplicate alerts, you should calculate fingerprint data and populate the `partialFingerprints` property before you upload the SARIF file. You may find the script that the `upload-sarif` action uses a helpful starting point: https://github.com/github/codeql-action/blob/main/src/fingerprints.ts. For more information about the API, see "[Upload an analysis as SARIF data](/rest/reference/code-scanning#upload-an-analysis-as-sarif-data)."

--- a/translations/zh-CN/content/code-security/code-scanning/integrating-with-code-scanning/uploading-a-sarif-file-to-github.md
+++ b/translations/zh-CN/content/code-security/code-scanning/integrating-with-code-scanning/uploading-a-sarif-file-to-github.md
@@ -28,7 +28,6 @@ topics:

 {% data reusables.code-scanning.beta %}
 {% data reusables.code-scanning.enterprise-enable-code-scanning %}
-{% data reusables.code-scanning.deprecation-codeql-runner %}

 ## About SARIF file uploads for {% data variables.product.prodname_code_scanning %}

@@ -36,12 +35,12 @@ topics:

 You can generate SARIF files using many static analysis security testing tools, including {% data variables.product.prodname_codeql %}. The results must use SARIF version 2.1.0. For more information, see "[SARIF support for {% data variables.product.prodname_code_scanning %}](/code-security/secure-coding/sarif-support-for-code-scanning)."

-You can upload the results using {% data variables.product.prodname_actions %}, the {% data variables.product.prodname_code_scanning %} API, {% ifversion fpt or ghes > 3.0 or ghae or ghec %}the {% data variables.product.prodname_codeql_cli %}, {% endif %}or the {% data variables.product.prodname_codeql_runner %}. The best upload method will depend on how you generate the SARIF file, for example, if you use:
+You can upload the results using {% data variables.product.prodname_actions %}, the {% data variables.product.prodname_code_scanning %} API,{% if codeql-runner-supported %} the {% data variables.product.prodname_codeql_runner %},{% endif %} or the {% data variables.product.prodname_codeql_cli %}. The best upload method will depend on how you generate the SARIF file, for example, if you use:

 - {% data variables.product.prodname_actions %} to run the {% data variables.product.prodname_codeql %} action, there is no further action required. The {% data variables.product.prodname_codeql %} action uploads the SARIF file automatically when it completes analysis.
- {% data variables.product.prodname_actions %} to run a SARIF-compatible analysis tool, you could update the workflow to include a final step that uploads the results (see below). {% ifversion fpt or ghes > 3.0 or ghae or ghec %}
- - The {% data variables.product.prodname_codeql_cli %} to run {% data variables.product.prodname_code_scanning %} in your CI system, you can use the CLI to upload results to {% data variables.product.prodname_dotcom %} (for more information, see "[Installing {% data variables.product.prodname_codeql_cli %} in your CI system](/code-security/secure-coding/using-codeql-code-scanning-with-your-existing-ci-system/installing-codeql-cli-in-your-ci-system)").{% endif %}
- The {% data variables.product.prodname_codeql_runner %}, to run {% data variables.product.prodname_code_scanning %} in your CI system, by default the runner automatically uploads results to {% data variables.product.prodname_dotcom %} on completion. If you block the automatic upload, when you are ready to upload results you can use the `upload` command (for more information, see "[Running {% data variables.product.prodname_codeql_runner %} in your CI system](/code-security/secure-coding/running-codeql-runner-in-your-ci-system)").
+- {% data variables.product.prodname_actions %} to run a SARIF-compatible analysis tool, you could update the workflow to include a final step that uploads the results (see below).
+ - The {% data variables.product.prodname_codeql_cli %} to run {% data variables.product.prodname_code_scanning %} in your CI system, you can use the CLI to upload results to {% data variables.product.prodname_dotcom %} (for more information, see "[Installing {% data variables.product.prodname_codeql_cli %} in your CI system](/code-security/secure-coding/using-codeql-code-scanning-with-your-existing-ci-system/installing-codeql-cli-in-your-ci-system)").{% if codeql-runner-supported %}
+- The {% data variables.product.prodname_codeql_runner %}, to run {% data variables.product.prodname_code_scanning %} in your CI system, by default the runner automatically uploads results to {% data variables.product.prodname_dotcom %} on completion. If you block the automatic upload, when you are ready to upload results you can use the `upload` command (for more information, see "[Running {% data variables.product.prodname_codeql_runner %} in your CI system](/code-security/secure-coding/running-codeql-runner-in-your-ci-system)").{% endif %}
 - A tool that generates results as an artifact outside of your repository, you can use the {% data variables.product.prodname_code_scanning %} API to upload the file (for more information, see "[Upload an analysis as SARIF data](/rest/reference/code-scanning#upload-an-analysis-as-sarif-data)").

 {% data reusables.code-scanning.not-available %}
@@ -143,7 +142,6 @@ jobs:
 ## Further reading

 - "[Workflow syntax for {% data variables.product.prodname_actions %}](/actions/reference/workflow-syntax-for-github-actions)"
- "[Viewing your workflow history](/actions/managing-workflow-runs/viewing-workflow-run-history)"{%- ifversion fpt or ghes > 3.0 or ghae %}
- "[About {% data variables.product.prodname_codeql %} {% data variables.product.prodname_code_scanning %} in your CI system](/code-security/secure-coding/about-codeql-code-scanning-in-your-ci-system)"{% else %}
- "[Running {% data variables.product.prodname_codeql_runner %} in your CI system](/code-security/secure-coding/running-codeql-runner-in-your-ci-system)"{% endif %}
+- "[Viewing your workflow history](/actions/managing-workflow-runs/viewing-workflow-run-history)"
+- "[About {% data variables.product.prodname_codeql %} {% data variables.product.prodname_code_scanning %} in your CI system](/code-security/secure-coding/about-codeql-code-scanning-in-your-ci-system)"
 - "[Upload an analysis as SARIF data](/rest/reference/code-scanning#upload-an-analysis-as-sarif-data)"
--- a/translations/zh-CN/content/code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/about-codeql-code-scanning-in-your-ci-system.md
+++ b/translations/zh-CN/content/code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/about-codeql-code-scanning-in-your-ci-system.md
@@ -55,9 +55,9 @@ redirect_from:
 {% data reusables.code-scanning.licensing-note %}

 {% ifversion ghes = 3.2 %}
-<!-- Content for GHES 3.2 only. CodeQL CLI 2.6.2, which introduces full feature parity between CodeQL CLI and CodeQL runner, is officially recommended for GHES 3.3+, so some people may need to use the CodeQL runner -->
+<!-- Content for GHES 3.2 only. CodeQL CLI 2.6.2, which introduces full feature parity between CodeQL CLI and CodeQL runner, is officially recommended for GHES 3.0+ -->

-{% data reusables.code-scanning.use-codeql-runner-not-cli %}
+Since version 2.6.3, the {% data variables.product.prodname_codeql_cli %} has had full feature parity with the {% data variables.product.prodname_codeql_runner %}.

 {% data reusables.code-scanning.deprecation-codeql-runner %}

@@ -66,39 +66,25 @@ redirect_from:
 {% endif %}

 <!--Content for GHES 3.1 only. Both CodeQL CLI and CodeQL runner are available -->
-{% ifversion ghes = 3.1 %}
+{% ifversion ghes < 3.2 %}
 将 {% data variables.product.prodname_codeql_cli %} 或 {% data variables.product.prodname_codeql_runner %} 添加到第三方系统，然后调用工具分析代码并将 SARIF 结果上传到 {% data variables.product.product_name %}。 由此产生的 {% data variables.product.prodname_code_scanning %} 警报与 {% data variables.product.product_name %} 内生成的任何警报一起显示。

+[{% data variables.product.prodname_codeql_cli %}](https://github.com/github/codeql-cli-binaries/releases) version 2.6.3 is available now for {% data variables.product.prodname_ghe_server %} 3.0 and later versions. For more information on migrating to the {% data variables.product.prodname_codeql_cli %}, see "[Migrating from the CodeQL runner to CodeQL CLI](/code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/migrating-from-the-codeql-runner-to-codeql-cli)."
+
 {% data reusables.code-scanning.upload-sarif-ghas %}

 ## 比较 {% data variables.product.prodname_codeql_cli %}与 {% data variables.product.prodname_codeql_runner %}

 {% data reusables.code-scanning.what-is-codeql-cli %}

-{% data variables.product.prodname_codeql_runner %} 是一个命令行工具，它使用 {% data variables.product.prodname_codeql_cli %} 分析代码并将结果上传到 {% data variables.product.product_name %}。 该工具使用操作在 {% data variables.product.product_name %} 内本地模拟分析运行。 运行器能够集成比 CLI 更复杂的构建环境，但这种能力会使设置更加困难和容易发生错误。 调试任何问题也更加困难。 一般情况下，最好直接使用 {% data variables.product.prodname_codeql_cli %}，除非它不支持您的用例。
+The {% data variables.product.prodname_codeql_runner %} is a deprecated command-line tool that uses the {% data variables.product.prodname_codeql_cli %} to analyze code and upload the results to {% data variables.product.product_name %}. 该工具使用操作在 {% data variables.product.product_name %} 内本地模拟分析运行。

-使用 {% data variables.product.prodname_codeql_cli %} 分析：
-
- 动态语言，例如 JavaScript 和 Python。
- 具有编译语言的代码库，可以用单个命令或运行单个脚本来构建。
+{% data variables.product.prodname_codeql_cli %} 2.6.3 is a complete replacement for the runner with full feature parity. Generally, it is better to use the {% data variables.product.prodname_codeql_cli %} directly.

 更多信息请参阅“[在 CI 系统中安装 {% data variables.product.prodname_codeql_cli %}](/code-security/secure-coding/using-codeql-code-scanning-with-your-existing-ci-system/installing-codeql-cli-in-your-ci-system)”。

-{% data reusables.code-scanning.use-codeql-runner-not-cli %}
-
 {% data reusables.code-scanning.deprecation-codeql-runner %}

-更多信息请参阅“[在 CI 系统中运行 {% data variables.product.prodname_codeql_runner %}](/code-security/secure-coding/running-codeql-runner-in-your-ci-system)”。
+有关 {% data variables.product.prodname_codeql_runner %} 的更多信息，请参阅“[在 CI 系统中运行 {% data variables.product.prodname_codeql_runner %}](/code-security/secure-coding/running-codeql-runner-in-your-ci-system)”。

 {% endif %}
-
-<!--Content for GHES 3.0 only. Only CodeQL runner is available -->
-{% ifversion ghes = 3.0 %}
-{% data reusables.code-scanning.upload-sarif-ghas %}
-
-将 {% data variables.product.prodname_codeql_runner %} 添加到第三方系统，然后调用工具分析代码并将 SARIF 结果上传到 {% data variables.product.product_name %}。 由此产生的 {% data variables.product.prodname_code_scanning %} 警报与 {% data variables.product.product_name %} 内生成的任何警报一起显示。
-
-{% data reusables.code-scanning.deprecation-codeql-runner %}
-
-要在 CI 系统中设置代码扫描，请参阅“[在 CI 系统中运行 {% data variables.product.prodname_codeql_runner %}](/code-security/secure-coding/running-codeql-runner-in-your-ci-system)”。
-{% endif %}
--- a/translations/zh-CN/content/code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/configuring-codeql-cli-in-your-ci-system.md
+++ b/translations/zh-CN/content/code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/configuring-codeql-cli-in-your-ci-system.md
@@ -8,7 +8,7 @@ redirect_from:
  - /code-security/secure-coding/using-codeql-code-scanning-with-your-existing-ci-system/configuring-codeql-cli-in-your-ci-system
 versions:
  fpt: '*'
-  ghes: '>=3.1'
+  ghes: '>=3.0'
  ghae: '*'
  ghec: '*'
 type: how_to
@@ -24,6 +24,14 @@ topics:
 ---
 {% data reusables.code-scanning.enterprise-enable-code-scanning %}

+{% ifversion ghes or ghae %}
+{% note %}
+
+**Note:** This article describes features present in the version of {% data variables.product.prodname_codeql_cli %} available at the time of the release of {% data variables.product.product_name %}. If your enterprise uses a more recent version of {% data variables.product.prodname_codeql_cli %}, see the [{% data variables.product.prodname_ghe_cloud %} documentation](/enterprise-cloud@latest/code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/configuring-codeql-cli-in-your-ci-system) instead.
+
+{% endnote %}
+{% endif %}
+
 ## About generating code scanning results with {% data variables.product.prodname_codeql_cli %}

 Once you've made the {% data variables.product.prodname_codeql_cli %} available to servers in your CI system, and ensured that they can authenticate with {% data variables.product.product_name %}, you're ready to generate data.
@@ -329,22 +337,6 @@ By default, {% data variables.product.prodname_code_scanning %} expects one SARI

 If you want to upload more than one set of results to the {% data variables.product.prodname_code_scanning %} API for a commit in a repository, you must identify each set of results as a unique set. For repositories where you create more than one {% data variables.product.prodname_codeql %} database to analyze for each commit, use the `--sarif-category` option to specify a language or other unique category for each SARIF file that you generate for that repository.

-### Alternative if your CI system cannot trigger the {% data variables.product.prodname_codeql_cli %}
-
-{% ifversion fpt or ghes > 3.2 or ghae or ghec %}
-
-If your CI system cannot trigger the {% data variables.product.prodname_codeql_cli %} autobuild and you cannot specify a command line for the build, you can use indirect build tracing to create {% data variables.product.prodname_codeql %} databases for compiled languages. For more information, see [Using indirect build tracing](https://codeql.github.com/docs/codeql-cli/creating-codeql-databases/#using-indirect-build-tracing) in the documentation for the {% data variables.product.prodname_codeql_cli %}.
-
-{% endif %}
-
-{% ifversion ghes < 3.3 %}
-
-{% data reusables.code-scanning.use-codeql-runner-not-cli %}
-
-{% data reusables.code-scanning.deprecation-codeql-runner %}
-
-{% endif %}
-
 {% endif %}

 ## Further reading
--- a/translations/zh-CN/content/code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/configuring-codeql-runner-in-your-ci-system.md
+++ b/translations/zh-CN/content/code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/configuring-codeql-runner-in-your-ci-system.md
@@ -11,10 +11,7 @@ redirect_from:
  - /code-security/secure-coding/configuring-codeql-runner-in-your-ci-system
  - /code-security/secure-coding/using-codeql-code-scanning-with-your-existing-ci-system/configuring-codeql-runner-in-your-ci-system
 versions:
-  fpt: '*'
-  ghes: '*'
-  ghae: '*'
-  ghec: '*'
+  feature: codeql-runner-supported
 type: how_to
 topics:
  - Advanced Security
--- a/translations/zh-CN/content/code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/installing-codeql-cli-in-your-ci-system.md
+++ b/translations/zh-CN/content/code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/installing-codeql-cli-in-your-ci-system.md
@@ -6,7 +6,7 @@ product: '{% data reusables.gated-features.code-scanning %}'
 miniTocMaxHeadingLevel: 3
 versions:
  fpt: '*'
-  ghes: '>=3.1'
+  ghes: '>=3.0'
  ghae: '*'
  ghec: '*'
 type: how_to
@@ -44,6 +44,17 @@ You should download the {% data variables.product.prodname_codeql %} bundle from
 - A compatible version of the queries and libraries from https://github.com/github/codeql
 - Precompiled versions of all the queries included in the bundle

+{% ifversion ghes %}
+
+{% note %}
+{% ifversion ghes = 3.0 %}For {% data variables.product.prodname_ghe_server %} 3.0, we recommend {% data variables.product.prodname_codeql_cli %} version 2.6.3.{% endif %}
+{% ifversion ghes = 3.1 %}For {% data variables.product.prodname_ghe_server %} 3.1, we recommend {% data variables.product.prodname_codeql_cli %} version 2.6.3.{% endif %}
+{% ifversion ghes = 3.2 %}For {% data variables.product.prodname_ghe_server %} 3.2, we recommend {% data variables.product.prodname_codeql_cli %} version 2.6.3.{% endif %}
+{% ifversion ghes > 3.2 %}For {% data variables.product.prodname_ghe_server %} 3.3 and greater, we recommend {% data variables.product.prodname_codeql_cli %} version 2.7.6 or greater.{% endif %}
+{% endnote %}
+
+{% endif %}
+
 You should always use the {% data variables.product.prodname_codeql %} bundle as this ensures compatibility and also gives much better performance than a separate download of the {% data variables.product.prodname_codeql_cli %} and checkout of the {% data variables.product.prodname_codeql %} queries. If you will only be running the CLI on one specific platform, download the appropriate `codeql-bundle-PLATFORM.tar.gz` file. Alternatively, you can download `codeql-bundle.tar.gz`, which contains the CLI for all supported platforms.

 {% data reusables.code-scanning.beta-codeql-packs-cli %}
--- a/translations/zh-CN/content/code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/migrating-from-the-codeql-runner-to-codeql-cli.md
+++ b/translations/zh-CN/content/code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/migrating-from-the-codeql-runner-to-codeql-cli.md
@@ -5,7 +5,7 @@ intro: 'You can use the {% data variables.product.prodname_codeql_cli %} to comp
 product: '{% data reusables.gated-features.code-scanning %}'
 versions:
  fpt: '*'
-  ghes: '>=3.1'
+  ghes: '>=3.0'
  ghae: '*'
  ghec: '*'
 topics:
--- a/translations/zh-CN/content/code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/running-codeql-runner-in-your-ci-system.md
+++ b/translations/zh-CN/content/code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/running-codeql-runner-in-your-ci-system.md
@@ -28,6 +28,8 @@ topics:

 <!--UI-LINK: When GitHub Enterprise Server <=3.0 doesn't have GitHub Actions set up, the Security > Code scanning alerts view links to this article.-->

+{% if codeql-runner-supported %}
+
 {% data reusables.code-scanning.deprecation-codeql-runner %}
 {% data reusables.code-scanning.beta %}
 {% data reusables.code-scanning.enterprise-enable-code-scanning %}
@@ -182,3 +184,17 @@ This example is similar to the previous example, however this time the repositor

 - "[Configuring {% data variables.product.prodname_codeql_runner %} in your CI system](/code-security/secure-coding/configuring-codeql-runner-in-your-ci-system)"
 - "[Troubleshooting {% data variables.product.prodname_codeql_runner %} in your CI system](/code-security/secure-coding/troubleshooting-codeql-runner-in-your-ci-system)"
+
+{% else %}
+
+## About the {% data variables.product.prodname_codeql_runner %}
+
+The {% data variables.product.prodname_codeql_runner %} has been deprecated. [{% data variables.product.prodname_codeql_cli %}](https://github.com/github/codeql-cli-binaries/releases) version 2.7.6 has complete feature parity.
+
+For information on migrating to {% data variables.product.prodname_codeql_cli %}, see "[Migrating from the CodeQL runner to CodeQL CLI](/code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/migrating-from-the-codeql-runner-to-codeql-cli)."
+
+## Further reading
+
+- [CodeQL runner deprecation](https://github.blog/changelog/2021-09-21-codeql-runner-deprecation/) in the GitHub Blog
+
+{% endif %}
--- a/translations/zh-CN/content/code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/troubleshooting-codeql-runner-in-your-ci-system.md
+++ b/translations/zh-CN/content/code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/troubleshooting-codeql-runner-in-your-ci-system.md
@@ -10,10 +10,7 @@ redirect_from:
  - /code-security/secure-coding/troubleshooting-codeql-runner-in-your-ci-system
  - /code-security/secure-coding/using-codeql-code-scanning-with-your-existing-ci-system/troubleshooting-codeql-runner-in-your-ci-system
 versions:
-  fpt: '*'
-  ghes: '*'
-  ghae: '*'
-  ghec: '*'
+  feature: codeql-runner-supported
 type: how_to
 topics:
  - Advanced Security
--- a/translations/zh-CN/content/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning.md
+++ b/translations/zh-CN/content/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning.md
@@ -67,7 +67,14 @@ Before defining a custom pattern, you must ensure that {% data variables.product
 {% data reusables.repositories.navigate-to-security-and-analysis %}
 {% data reusables.repositories.navigate-to-ghas-settings %}
 {% data reusables.advanced-security.secret-scanning-new-custom-pattern %}
-{% data reusables.advanced-security.secret-scanning-add-custom-pattern-details %}
+{% data reusables.advanced-security.secret-scanning-add-custom-pattern-details %}{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5499 %}
+1. When you're ready to test your new custom pattern, to identify matches in the repository without creating alerts, click **Save and dry run**.
+1. When the dry run finishes, you'll see a sample of results (up to 1000) from the repository. Review the results and identify any false positive results.
+   ![Screenshot showing results from dry run](/assets/images/help/repository/secret-scanning-publish-pattern.png)
+1. Edit the new custom pattern to fix any problems with the results, then click **Save and dry run** to test your changes.
+{% indented_data_reference reusables.secret-scanning.beta-dry-runs spaces=3 %}
+{% endif %}
+{% data reusables.advanced-security.secret-scanning-create-custom-pattern %}

 After your pattern is created, {% data reusables.secret-scanning.secret-scanning-process %} For more information on viewing {% data variables.product.prodname_secret_scanning %} alerts, see "[Managing alerts from {% data variables.product.prodname_secret_scanning %}](/code-security/secret-security/managing-alerts-from-secret-scanning)."

@@ -116,6 +123,7 @@ Before defining a custom pattern, you must ensure that you enable {% data variab
 {% data reusables.repositories.navigate-to-ghas-settings %}
 {% data reusables.advanced-security.secret-scanning-new-custom-pattern %}
 {% data reusables.advanced-security.secret-scanning-add-custom-pattern-details %}
+{% data reusables.advanced-security.secret-scanning-create-custom-pattern %}

 After your pattern is created, {% data variables.product.prodname_secret_scanning %} scans for any secrets in {% ifversion fpt or ghec %}private{% endif %} repositories in your organization, including their entire Git history on all branches. Organization owners and repository administrators will be alerted to any secrets found, and can review the alert in the repository where the secret is found. For more information on viewing {% data variables.product.prodname_secret_scanning %} alerts, see "[Managing alerts from {% data variables.product.prodname_secret_scanning %}](/code-security/secret-security/managing-alerts-from-secret-scanning)."

@@ -139,6 +147,7 @@ Before defining a custom pattern, you must ensure that you enable secret scannin
 {% data reusables.enterprise-accounts.advanced-security-security-features %}
 1. Under "Secret scanning custom patterns", click {% ifversion ghes = 3.2 %}**New custom pattern**{% else %}**New pattern**{% endif %}.
 {% data reusables.advanced-security.secret-scanning-add-custom-pattern-details %}
+{% data reusables.advanced-security.secret-scanning-create-custom-pattern %}

 After your pattern is created, {% data variables.product.prodname_secret_scanning %} scans for any secrets in {% ifversion fpt or ghec %}private{% endif %} repositories within your enterprise's organizations with {% data variables.product.prodname_GH_advanced_security %} enabled, including their entire Git history on all branches. Organization owners and repository administrators will be alerted to any secrets found, and can review the alert in the repository where the secret is found. For more information on viewing {% data variables.product.prodname_secret_scanning %} alerts, see "[Managing alerts from {% data variables.product.prodname_secret_scanning %}](/code-security/secret-security/managing-alerts-from-secret-scanning)."

--- a/translations/zh-CN/content/developers/github-marketplace/creating-apps-for-github-marketplace/security-best-practices-for-apps.md
+++ b/translations/zh-CN/content/developers/github-marketplace/creating-apps-for-github-marketplace/security-best-practices-for-apps.md
@@ -60,4 +60,4 @@ topics:

 您应该定期对生产基础架构进行漏洞扫描。 您应该对漏洞扫描的结果进行分类，并定义您同意修复漏洞的时间段。

-如果您还没有准备好设置完整的漏洞管理程序，最好先创建一个修补流程。 有关创建补丁管理策略的指南，请参阅这篇 TechRepublic 文章“[建立补丁管理策略](https://www.techrepublic.com/blog/it-security/establish-a-patch-management-policy-87756/)”。
+如果您还没有准备好设置完整的漏洞管理程序，最好先创建一个修补流程。 有关创建补丁管理策略的指南，请参阅这篇 TechRepublic 文章“[建立补丁管理策略](https://www.techrepublic.com/article/establish-a-patch-management-policy-87756/)”。
--- a/translations/zh-CN/content/get-started/writing-on-github/getting-started-with-writing-and-formatting-on-github/basic-writing-and-formatting-syntax.md
+++ b/translations/zh-CN/content/get-started/writing-on-github/getting-started-with-writing-and-formatting-on-github/basic-writing-and-formatting-syntax.md
@@ -25,6 +25,11 @@ shortTitle: 基本格式语法

 ![渲染的 H1、H2 和 H6 标题](/assets/images/help/writing/headings-rendered.png)

+When you use two or more headings, GitHub automatically generates a table of contents which you can access by clicking {% octicon "list-unordered" aria-label="The unordered list icon" %} within the file header. Each heading title is listed in the table of contents and you can click a title to navigate to the selected section.
+
+![Screenshot highlighting the table of contents icon](/assets/images/help/repository/headings_toc.png)
+
+
 ## 样式文本

 您可以在评论字段和 `.md` 文件中以粗体、斜体或删除线的文字表示强调。
--- a/translations/zh-CN/content/issues/trying-out-the-new-projects-experience/best-practices-for-managing-projects.md
+++ b/translations/zh-CN/content/issues/trying-out-the-new-projects-experience/best-practices-for-managing-projects.md
@@ -27,6 +27,20 @@ topics:

 议题和拉取请求包括内置功能，让您轻松地与协作者沟通。 使用@提及提醒个人或整个团队注意评论。 指派议题协作者负责沟通。 链接到相关的议题或拉取请求以沟通它们是如何连接的。

+## Make use of the description and README
+
+Use your project's description and README to share information about the project.
+
+例如：
+
+- Explaining the purpose of the project.
+- Describing the project views and how to use them.
+- Including relevant links and people to contact for more information.
+
+Project READMEs support Markdown which allows you to use images and advanced formatting such as links, lists, and headers.
+
+For more information, see "[Creating a project (beta)](/issues/trying-out-the-new-projects-experience/creating-a-project#updating-your-project-description-and-readme)."
+
 ## 使用视图

 使用项目视图从不同角度查看您的项目。
--- a/translations/zh-CN/content/issues/trying-out-the-new-projects-experience/creating-a-project.md
+++ b/translations/zh-CN/content/issues/trying-out-the-new-projects-experience/creating-a-project.md
@@ -25,6 +25,10 @@ topics:

 {% data reusables.projects.create-user-project %}

+## Updating your project description and README
+
+{% data reusables.projects.project-description %}
+
 ## 为您的项目添加项

 您的项目可以跟踪草稿议题、议题和拉取请求。
--- a/translations/zh-CN/content/issues/trying-out-the-new-projects-experience/managing-access-to-projects.md
+++ b/translations/zh-CN/content/issues/trying-out-the-new-projects-experience/managing-access-to-projects.md
@@ -15,7 +15,7 @@ topics:

 ## About project access

-Admins of organization-level projects can manage access for the entire organization, for teams, and for individual organization members.
+Admins of organization-level projects can manage access for the entire organization, for teams, for individual organization members, and for outside collaborators.

 Admins of user-level projects can invite individual collaborators and manage their access.

@@ -37,18 +37,18 @@ The default base role is `write`, meaning that everyone in the organization can

 ### Managing access for teams and individual members of your organization

-You can also add teams, and individual organization members, as collaborators. 更多信息请参阅“[关于团队](/organizations/organizing-members-into-teams/about-teams)”。
+You can also add teams, external collaborators, and individual organization members as collaborators for an organization-level project. 更多信息请参阅“[关于团队](/organizations/organizing-members-into-teams/about-teams)”。

-You can only invite an individual user to collaborate on your organization-level project if they are a member of the organization.
+You can only invite an individual user to collaborate on your organization-level project if they are already a member of the organization or an outside collaborator on at least one repository in the organization.

 {% data reusables.projects.project-settings %}
 1. Click **Manage access**.
-1. Under **Invite collaborators**, search for the team or organization member that you want to invite.
-1. Select the role for the collaborator.
+2. Under **Invite collaborators**, search for the team or individual user that you want to invite.
+3. Select the role for the collaborator.
   - **Read**: The team or individual can view the project.
   - **Write**: The team or individual can view and edit the project.
   - **Admin**: The team or individual can view, edit, and add new collaborators to the project.
-1. Click **Invite**.
+4. Click **Invite**.

 ### Managing access of an existing collaborator on your project

--- a/translations/zh-CN/content/issues/trying-out-the-new-projects-experience/quickstart.md
+++ b/translations/zh-CN/content/issues/trying-out-the-new-projects-experience/quickstart.md
@@ -35,6 +35,10 @@ First, create an organization project or a user project.

 {% data reusables.projects.create-user-project %}

+## Setting your project description and README
+
+{% data reusables.projects.project-description %}
+
 ## 为您的项目添加议题

 接下来，在项目中添加一些议题。
--- a/translations/zh-CN/content/issues/trying-out-the-new-projects-experience/using-the-api-to-manage-projects.md
+++ b/translations/zh-CN/content/issues/trying-out-the-new-projects-experience/using-the-api-to-manage-projects.md
@@ -365,6 +365,43 @@ gh api graphql -f query='

 If you try to add an item that already exists, the existing item ID is returned instead.

+### Updating a project's settings
+
+The following example will update your project's settings. 将 `PROJECT_ID` 替换为项目的节点 ID。 Set `public` to `true` to make your project public on {% data variables.product.product_name %}. Modify `description` to make changes to your project's README.
+
+{% curl %}
+```shell
+curl --request POST \
+--url https://api.github.com/graphql \
+--header 'Authorization: token <em>TOKEN</em>' \
+--data '{"query":"mutation { updateProjectNext(input: { projectId: \"<em>PROJECT_ID</em>\", title: \"Project title\", public: false, description: \"# Project README\n\nA long description\", shortDescription: \"A short description\"}) { projectNext { id, title, description, shortDescription }}}"}'
+```
+{% endcurl %}
+
+{% cli %}
+```shell
+gh api graphql -f query='
+  mutation {
+    updateProjectNext(
+      input: {
+        projectId: "<em>PROJECT_ID</em>", 
+        title: "Project title",
+        public: false,
+        description: "# Project README\n\nA long description",
+        shortDescription: "A short description"
+      }
+    ) {
+      projectNext {
+        id
+        title
+        description
+        shortDescription
+      }
+    }
+  }'
+```
+{% endcli %}
+
 ### Updating a custom text, number, or date field

 The following example will update the value of a date field for an item. 将 `PROJECT_ID` 替换为项目的节点 ID。 将 `ITEM_ID` 替换为您想要更新的项的节点 ID。 将 `FIELD_ID` 替换为您想要更新的字段的 ID。
--- a/translations/zh-CN/content/organizations/managing-saml-single-sign-on-for-your-organization/enabling-and-testing-saml-single-sign-on-for-your-organization.md
+++ b/translations/zh-CN/content/organizations/managing-saml-single-sign-on-for-your-organization/enabling-and-testing-saml-single-sign-on-for-your-organization.md
@@ -20,6 +20,10 @@ shortTitle: 启用和测试 SAML SSO

 {% data reusables.saml.outside-collaborators-exemption %}

+{% data reusables.saml.saml-disabled-linked-identities-removed %}
+
+{% data reusables.saml.cannot-update-existing-saml-settings %}
+
 ## 启用和测试组织的 SAML 单点登录

 在组织中实施 SAML SSO 之前，请确保您已准备好组织。 更多信息请参阅“[准备在组织中实施 SAML 单点登录](/articles/preparing-to-enforce-saml-single-sign-on-in-your-organization)”。
--- a/translations/zh-CN/content/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners.md
+++ b/translations/zh-CN/content/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners.md
@@ -18,7 +18,7 @@ topics:

 具有管理员或所有者权限的人员可以在仓库中创建 CODEOWNERS 文件。

-您选择作为代码所有者的人员必须具有仓库的写入权限。 When the code owner is a team, that team must be visible and it must have write permissions, even if all the individual members of the team already have write permissions directly, through organization membership, or through another team membership.
+The people you choose as code owners must have read permissions for the repository. When the code owner is a team, that team must be visible and it must have write permissions, even if all the individual members of the team already have write permissions directly, through organization membership, or through another team membership.

 ## 关于代码所有者

@@ -104,11 +104,11 @@ apps/ @octocat
 # will require approval from @doctocat or @octocat.
 /scripts/ @doctocat @octocat

-# In this example, @octocat owns any file in the `/apps` 
-# directory in the root of your repository except for the `/apps/github` 
+# In this example, @octocat owns any file in the `/apps`
+# directory in the root of your repository except for the `/apps/github`
 # subdirectory, as its owners are left empty.
 /apps/ @octocat
-/apps/github 
+/apps/github
 ```
 ### 语法例外
 gitignore 文件有一些语法规则在 CODEOWNERS 文件中不起作用：
--- a/translations/zh-CN/content/support/contacting-github-support/providing-data-to-github-support.md
+++ b/translations/zh-CN/content/support/contacting-github-support/providing-data-to-github-support.md
@@ -21,6 +21,24 @@ topics:

 Diagnostic files contain information about a {% data variables.product.prodname_ghe_server %} instance's settings and environment, support bundles contain diagnostics and logs from the past two days, and extended support bundles also contain diagnostics and logs but from the past seven days.

+## About log file sanitization
+
+Authentication tokens, keys, and secrets are removed from log files in the following log directories contained within a support bundle or diagnostics file:
+
+* `alambic-logs`
+* `babeld-logs`
+* `codeload-logs`
+* `enterprise-manage-logs`
+* `github-logs`
+* `hookshot-logs`
+* `lfs-server-logs`
+* `semiotic-logs`
+* `task-dispatcher-logs`
+* `pages-logs`
+* `registry-logs`
+* `render-logs`
+* `svn-bridge-logs`
+
 ## 创建和共享诊断文件

 Diagnostic files are an overview of a {% data variables.product.prodname_ghe_server %} instance's settings and environment that contains:
--- a/translations/zh-CN/data/features/codeql-runner-supported.yml
+++ b/translations/zh-CN/data/features/codeql-runner-supported.yml
@@ -0,0 +1,7 @@
+---
+#Tracking deprecation of CodeQL runner
+versions:
+  fpt: '*'
+  ghec: '*'
+  ghes: '*'
+  ghae: '*'
--- a/translations/zh-CN/data/reusables/actions/enterprise-github-connect-warning.md
+++ b/translations/zh-CN/data/reusables/actions/enterprise-github-connect-warning.md
@@ -1,7 +1,7 @@
 {% ifversion ghes > 3.2 or ghae-issue-4815 %}
 {% note %}

-**注：**启用 {% data variables.product.prodname_github_connect %} 后，{% data variables.product.prodname_actions %} 将尝试在您的 {% data variables.product.prodname_ghe_server %} 实例上查找仓库，然后返回到 {% data variables.product.prodname_dotcom_the_website%}。 If a user has already created an organization and repository in your enterprise that matches an organization and repository name on {% data variables.product.prodname_dotcom %}, the repository on your enterprise will be used in place of the {% data variables.product.prodname_dotcom %} repository. For more information, see "[Automatic retirement of namespaces for actions accessed on {% data variables.product.prodname_dotcom_the_website%}](#automatic-retirement-of-namespaces-for-actions-accessed-on-githubcom)."
+**Note:** When a workflow uses an action by referencing the repository where the action is stored, {% data variables.product.prodname_actions %} will try to find the repository on your {% data variables.product.prodname_ghe_server %} instance first before falling back to {% data variables.product.prodname_dotcom_the_website %}. If a user has already created an organization and repository in your enterprise that matches an organization and repository name on {% data variables.product.prodname_dotcom %}, the repository on your enterprise will be used in place of the {% data variables.product.prodname_dotcom %} repository. For more information, see "[Automatic retirement of namespaces for actions accessed on {% data variables.product.prodname_dotcom_the_website%}](#automatic-retirement-of-namespaces-for-actions-accessed-on-githubcom)."

 {% endnote %}
 {% endif %}
@@ -9,7 +9,7 @@
 {% ifversion ghes < 3.3 %}
 {% note %}

-**注：**启用 {% data variables.product.prodname_github_connect %} 后，{% data variables.product.prodname_actions %} 将尝试在您的 {% data variables.product.prodname_ghe_server %} 实例上查找仓库，然后返回到 {% data variables.product.prodname_dotcom_the_website%}。 如果用户在企业中创建的组织和仓库与 {% data variables.product.prodname_dotcom %} 上的组织和仓库名称匹配，则将使用企业上的仓库代替 {% data variables.product.prodname_dotcom %} 仓库。 恶意用户可能利用此行为在工作流程中运行代码。
+**Note:** When a workflow uses an action by referencing the repository where the action is stored, {% data variables.product.prodname_actions %} will try to find the repository on your {% data variables.product.prodname_ghe_server %} instance first before falling back to {% data variables.product.prodname_dotcom_the_website %}. 如果用户在企业中创建的组织和仓库与 {% data variables.product.prodname_dotcom %} 上的组织和仓库名称匹配，则将使用企业上的仓库代替 {% data variables.product.prodname_dotcom %} 仓库。 恶意用户可能利用此行为在工作流程中运行代码。

 {% endnote %}
 {% endif %}
--- a/translations/zh-CN/data/reusables/advanced-security/secret-scanning-add-custom-pattern-details.md
+++ b/translations/zh-CN/data/reusables/advanced-security/secret-scanning-add-custom-pattern-details.md
@@ -2,6 +2,8 @@
   1. 您至少必须提供模式的名称，以及秘密模式格式的正则表达式。
   1. 您可以点击**更多选项 {% octicon "chevron-down" aria-label="down" %}** 来提供密钥格式的其他周围内容或额外匹配要求。
   1. Provide a sample test string to make sure your configuration is matching the patterns you expect.
-
+   {% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5499 %}
   ![创建自定义 {% data variables.product.prodname_secret_scanning %} 模式表](/assets/images/help/repository/secret-scanning-create-custom-pattern.png)
-1. When you are satisfied with your new custom pattern, click {% ifversion fpt or ghes > 3.2 or ghae or ghec %}**Create pattern**{% elsif ghes = 3.2 %}**Create custom pattern**{% endif %}.
+   {% else %}
+   ![创建自定义 {% data variables.product.prodname_secret_scanning %} 模式表](/assets/images/enterprise/3.2/repository/secret-scanning-create-custom-pattern.png)
+   {% endif %}
--- a/translations/zh-CN/data/reusables/advanced-security/secret-scanning-create-custom-pattern.md
+++ b/translations/zh-CN/data/reusables/advanced-security/secret-scanning-create-custom-pattern.md
@@ -0,0 +1 @@
+1. When you're satisfied with your new custom pattern, click {% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5499 %}**Publish pattern**{% elsif  ghes > 3.2 or ghae %}**Create pattern**{% elsif ghes = 3.2 %}**Create custom pattern**{% endif %}.
--- a/translations/zh-CN/data/reusables/billing/email-notifications.md
+++ b/translations/zh-CN/data/reusables/billing/email-notifications.md
@@ -1,3 +1,5 @@
-Email notifications are sent to account owners and billing managers when spending reaches 50%, 75%, and 90% of your account's included usage and when spending reaches 50%, 75%, and 90% of your account's spending limit.
+Email notifications are sent to account owners and billing managers when spending reaches 50%, 75%, 90% and 100% of your account's included usage and when spending reaches 50%, 75%, 90%, and 100% of your account's spending limit.

 You can disable these notifications anytime by navigating to the bottom of the **Spending Limit** page.
+
+![Screenshot of the billing email notification settings](/assets/images/help/billing/actions-packages-spending-limit-notifications.png)
--- a/translations/zh-CN/data/reusables/code-scanning/deprecation-codeql-runner.md
+++ b/translations/zh-CN/data/reusables/code-scanning/deprecation-codeql-runner.md
@@ -1,7 +1,23 @@
 {% note %}

-**Note:** The {% data variables.product.prodname_codeql_runner %} is being deprecated. Please use the [{% data variables.product.prodname_codeql_cli %}](https://github.com/github/codeql-cli-binaries/releases) version 2.6.2 or greater instead.
-{% data variables.product.prodname_ghe_server %} 3.3 will be the final release series that supports the {% data variables.product.prodname_codeql_runner %}. On {% data variables.product.prodname_ghe_cloud %}, the {% data variables.product.prodname_codeql_runner %} will be supported until March 2022.
-For more information, see [the CodeQL runner deprecation](https://github.blog/changelog/2021-09-21-codeql-runner-deprecation/).
+{% ifversion fpt or ghec %}
+
+**Note:** The {% data variables.product.prodname_codeql_runner %} is being deprecated. On {% data variables.product.product_name %}, the {% data variables.product.prodname_codeql_runner %} will be supported until March 2022. You should upgrade to the latest version of [{% data variables.product.prodname_codeql_cli %}](https://github.com/github/codeql-action/releases).
+
+{% elsif ghes > 3.3 %}
+
+**Note:** The {% data variables.product.prodname_codeql_runner %} has been deprecated and is not included in {% data variables.product.prodname_ghe_server %} 3.4. You should migrate to [{% data variables.product.prodname_codeql_cli %}](https://github.com/github/codeql-action/releases) version 2.7.6.
+
+{% elsif ghes < 3.4 %}
+
+**Note:** The {% data variables.product.prodname_codeql_runner %} is being deprecated. On {% data variables.product.prodname_ghe_server %} 3.0 and greater, you can install [{% data variables.product.prodname_codeql_cli %}](https://github.com/github/codeql-action/releases) version 2.6.3 to replace {% data variables.product.prodname_codeql_runner %}.
+
+{% elsif ghae %}
+
+**Note:** The {% data variables.product.prodname_codeql_runner %} has been deprecated. You should migrate to [{% data variables.product.prodname_codeql_cli %}](https://github.com/github/codeql-action/releases).
+
+{% endif %}
+
+For more information, see [the CodeQL runner deprecation](https://github.blog/changelog/2021-09-21-codeql-runner-deprecation/). For information on migrating to {% data variables.product.prodname_codeql_cli %}, see "[Migrating from the CodeQL runner to CodeQL CLI](/code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/migrating-from-the-codeql-runner-to-codeql-cli)."

 {% endnote %}
--- a/translations/zh-CN/data/reusables/code-scanning/enabling-options.md
+++ b/translations/zh-CN/data/reusables/code-scanning/enabling-options.md
@@ -11,18 +11,21 @@
  
  <tr>
    <td>
+      {% data variables.product.prodname_codeql %}
    </td>
    
    <td>
+      Using {% data variables.product.prodname_actions %} (see "<a href="/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/setting-up-code-scanning-for-a-repository#setting-up-code-scanning-using-actions">Setting up {% data variables.product.prodname_code_scanning %} using actions</a>") or running {% data variables.product.prodname_codeql %} analysis in a third-party continuous integration (CI) system (see "<a href="/code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/about-codeql-code-scanning-in-your-ci-system">About {% data variables.product.prodname_codeql %} {% data variables.product.prodname_code_scanning %} in your CI system</a>").
+    </td>
+  </tr>
+  
+  <tr>
+    <td>
+      第三方
+    </td>
+    
+    <td>
+      Using {% data variables.product.prodname_actions %} (see "<a href="/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/setting-up-code-scanning-for-a-repository#setting-up-code-scanning-using-actions">Setting up {% data variables.product.prodname_code_scanning %} using actions</a>") or generated externally and uploaded to {% data variables.product.product_name %} (see "<a href="/code-security/code-scanning/integrating-with-code-scanning/uploading-a-sarif-file-to-github">Uploading a SARIF file to {% data variables.product.prodname_dotcom %}</a>").
    </td>
  </tr>
 </table>
-{%- ifversion fpt or ghes > 3.0 or ghae %}
-|
-{% data variables.product.prodname_codeql %} | Using {% data variables.product.prodname_actions %} (see "[Setting up {% data variables.product.prodname_code_scanning %} using actions](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/setting-up-code-scanning-for-a-repository#setting-up-code-scanning-using-actions)") or running {% data variables.product.prodname_codeql %} analysis in a third-party continuous integration (CI) system (see "[About {% data variables.product.prodname_codeql %} {% data variables.product.prodname_code_scanning %} in your CI system](/code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/about-codeql-code-scanning-in-your-ci-system)").
-{%- else %}
-|
-{% data variables.product.prodname_codeql %} | Using {% data variables.product.prodname_actions %} (see "[Setting up {% data variables.product.prodname_code_scanning %} using actions](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/setting-up-code-scanning-for-a-repository#setting-up-code-scanning-using-actions)") or using the {% data variables.product.prodname_codeql_runner %} in a third-party continuous integration (CI) system (see "[Running {% data variables.product.prodname_codeql_runner %} in your CI system](/code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/running-codeql-runner-in-your-ci-system)").
-{%- endif %}
-| 第三&#8209;方 | 使用
-{% data variables.product.prodname_actions %} (see "[Setting up {% data variables.product.prodname_code_scanning %} using actions](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/setting-up-code-scanning-for-a-repository#setting-up-code-scanning-using-actions)") or generated externally and uploaded to {% data variables.product.product_name %} (see "[Uploading a SARIF file to {% data variables.product.prodname_dotcom %}](/code-security/code-scanning/integrating-with-code-scanning/uploading-a-sarif-file-to-github)").|
--- a/translations/zh-CN/data/reusables/code-scanning/use-codeql-runner-not-cli.md
+++ b/translations/zh-CN/data/reusables/code-scanning/use-codeql-runner-not-cli.md
@@ -1,9 +0,0 @@
-{% ifversion fpt or ghes > 3.1 or ghae or ghec %}
-如果 {% data variables.product.prodname_codeql_cli %} 不适合在您的 CI 系统中使用，{% data variables.product.prodname_codeql_runner %} 可以作为替代。 通常，这在设置 CI 系统以协调编译器调用以及运行 {% data variables.product.prodname_codeql %} 分析时需要。 更多信息请参阅“[在 CI 系统中运行 {% data variables.product.prodname_codeql_runner %}](/code-security/secure-coding/using-codeql-code-scanning-with-your-existing-ci-system/running-codeql-runner-in-your-ci-system)”。
-{% endif %}
-
-{% ifversion ghes = 3.1 %}
-如果您需要执行以下操作，则需要使用 {% data variables.product.prodname_codeql_runner %}：
- 设置 CI 系统以协调编译器调用以及运行 {% data variables.product.prodname_codeql %} 分析
- 分析仓库中的多种语言。
-{% endif %}
--- a/translations/zh-CN/data/reusables/github-actions/docker-container-os-support.md
+++ b/translations/zh-CN/data/reusables/github-actions/docker-container-os-support.md
@@ -1,6 +1,6 @@
 {% note %}

-**注：**如果您的工作流程使用 Docker 容器操作或服务容器，则必须使用 Linux 运行器：
+**Note:** If your workflows use Docker container actions, job containers, or service containers, then you must use a Linux runner:

 * 如果您要使用 {% data variables.product.prodname_dotcom %} 托管的运行器，则必须使用 Ubuntu 运行器。
 * 如果您要使用自托管运行器，则必须使用 Linux 机器作为运行器，并且必须安装 Docker。
--- a/translations/zh-CN/data/reusables/projects/project-description.md
+++ b/translations/zh-CN/data/reusables/projects/project-description.md
@@ -0,0 +1,10 @@
+You can set your project's description and README to share the purpose of your project, provide instructions on how to use the project, and include any relevant links.
+
+{% data reusables.projects.project-settings %}
+1. To add a short description to your project, under "Add a description", type your description in the text box  and click **Save**.
+1. To update your project's README, under "README", type your content in the text box.
+   - You can format your README using Markdown. 更多信息请参阅“[基本撰写和格式语法](/get-started/writing-on-github/getting-started-with-writing-and-formatting-on-github/basic-writing-and-formatting-syntax)”。
+   - To toggle between the text box and a preview of your changes, click {% octicon "eye" aria-label="The preview icon" %} or {% octicon "pencil" aria-label="The edit icon" %}.
+1. To save changes to your README, click **Save**.
+
+You can view and make quick changes to your project description and README by navigating to your project and clicking {% octicon "sidebar-expand" aria-label="The sidebar icon" %} in the top right.
--- a/translations/zh-CN/data/reusables/saml/cannot-update-existing-saml-settings.md
+++ b/translations/zh-CN/data/reusables/saml/cannot-update-existing-saml-settings.md
@@ -0,0 +1,5 @@
+{% note %}
+
+**Note:** When SAML SSO is enabled, the only setting you can update on {% data variables.product.prodname_dotcom %} for your existing SAML configuration is the SAML certificate. If you need to update the Sign on URL or Issuer, you must first disable SAML SSO and then reconfigure SAML SSO with the new settings.
+
+{% endnote %}
--- a/translations/zh-CN/data/reusables/saml/saml-disabled-linked-identities-removed.md
+++ b/translations/zh-CN/data/reusables/saml/saml-disabled-linked-identities-removed.md
@@ -0,0 +1 @@
+When SAML SSO is disabled, all linked external identities are removed from {% data variables.product.product_name %}.
--- a/translations/zh-CN/data/reusables/secret-scanning/beta-dry-runs.md
+++ b/translations/zh-CN/data/reusables/secret-scanning/beta-dry-runs.md
@@ -0,0 +1,6 @@
+
+{% note %}
+
+**Note:** The dry run feature is currently in beta and subject to change.
+
+{% endnote %}
				`@@ -0,0 +1 @@`
				`1. When you're satisfied with your new custom pattern, click {% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5499 %}Publish pattern{% elsif ghes > 3.2 or ghae %}Create pattern{% elsif ghes = 3.2 %}Create custom pattern{% endif %}.`
				`@@ -0,0 +1 @@`
				`When SAML SSO is disabled, all linked external identities are removed from {% data variables.product.product_name %}.`